1. Field of the Invention
The present invention relates to a network service that allows various services such as purchase orders of items and database use to be received by connecting to a server computer through a network such as the Internet from a client computer.
2. Prior Art
In the past, a variety of services have been provided through compute networks. For example, it is possible for a user to receive specific services such as ordering and purchasing items or using and viewing databases by accessing the home page of a service provider through the Internet from a personal computer or the like used by the user.
In this type of network service, a specific service is provided on a specific Web page (hereafter referred to as “user-only screen”) linked to a home page. To prevent illegal item orders, use of databases, and the like, the service provider requests user information that enables confirmation of the user's eligibility such as confidential information unique to the user (e.g., the user's address, name, age, occupation, place of employment, position, gender, telephone number, fax number, email address, or credit card number) or a user ID (identification) and password set up with the service provider; and only when this user information is entered, access to the user-only screen is permitted.
There is the danger, however, that user information such as that discussed above could be intercepted by another person on the network and illegally used, causing great damages. Confidential information unique to the user such as the credit card numbers are particularly effective and convenient for the service provider to confirm eligibility of completely unknown users, but the harm suffered by a user by its illegal acquisition and use by another person can be extremely severe. Naturally, harm suffered by the service provider can also be quite severe, including damage to databases when other parties access them using illegally acquired user information.
In prior art, a variety of security systems have been proposed, including use of complex encryption keys to authenticate access rights. However, it is difficult to prevent leaks of user information provided on the network in the course of authenticating access rights by identifying the user (person) on the network. Furthermore, highly sophisticated security systems that can effectively prevent user information from being intercepted are extremely labor-and-cost intensive to develop and to build their infrastructures. Thus, ordinary service providers who do not have sufficient financial means cannot adopt such systems at all.